Commit 399ab86e authored by Jeff Xu's avatar Jeff Xu Committed by Andrew Morton

/proc/pid/smaps: add mseal info for vma

Add sl in /proc/pid/smaps to indicate vma is sealed

Link: https://lkml.kernel.org/r/20240614232014.806352-2-jeffxu@google.com
Fixes: 8be7258a ("mseal: add mseal syscall")
Signed-off-by: default avatarJeff Xu <jeffxu@chromium.org>
Acked-by: default avatarDavid Hildenbrand <david@redhat.com>
Cc: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: Jann Horn <jannh@google.com>
Cc: Jorge Lucangeli Obes <jorgelo@chromium.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Stephen Röttger <sroettger@google.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent 8c61291f
...@@ -571,6 +571,7 @@ encoded manner. The codes are the following: ...@@ -571,6 +571,7 @@ encoded manner. The codes are the following:
um userfaultfd missing tracking um userfaultfd missing tracking
uw userfaultfd wr-protect tracking uw userfaultfd wr-protect tracking
ss shadow stack page ss shadow stack page
sl sealed
== ======================================= == =======================================
Note that there is no guarantee that every flag and associated mnemonic will Note that there is no guarantee that every flag and associated mnemonic will
......
...@@ -706,6 +706,9 @@ static void show_smap_vma_flags(struct seq_file *m, struct vm_area_struct *vma) ...@@ -706,6 +706,9 @@ static void show_smap_vma_flags(struct seq_file *m, struct vm_area_struct *vma)
#endif /* CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */ #endif /* CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */
#ifdef CONFIG_X86_USER_SHADOW_STACK #ifdef CONFIG_X86_USER_SHADOW_STACK
[ilog2(VM_SHADOW_STACK)] = "ss", [ilog2(VM_SHADOW_STACK)] = "ss",
#endif
#ifdef CONFIG_64BIT
[ilog2(VM_SEALED)] = "sl",
#endif #endif
}; };
size_t i; size_t i;
......
...@@ -406,6 +406,11 @@ extern unsigned int kobjsize(const void *objp); ...@@ -406,6 +406,11 @@ extern unsigned int kobjsize(const void *objp);
#define VM_ALLOW_ANY_UNCACHED VM_NONE #define VM_ALLOW_ANY_UNCACHED VM_NONE
#endif #endif
#ifdef CONFIG_64BIT
/* VM is sealed, in vm_flags */
#define VM_SEALED _BITUL(63)
#endif
/* Bits set in the VMA until the stack is in its final location */ /* Bits set in the VMA until the stack is in its final location */
#define VM_STACK_INCOMPLETE_SETUP (VM_RAND_READ | VM_SEQ_READ | VM_STACK_EARLY) #define VM_STACK_INCOMPLETE_SETUP (VM_RAND_READ | VM_SEQ_READ | VM_STACK_EARLY)
......
...@@ -1434,11 +1434,6 @@ void __meminit __init_single_page(struct page *page, unsigned long pfn, ...@@ -1434,11 +1434,6 @@ void __meminit __init_single_page(struct page *page, unsigned long pfn,
unsigned long shrink_slab(gfp_t gfp_mask, int nid, struct mem_cgroup *memcg, unsigned long shrink_slab(gfp_t gfp_mask, int nid, struct mem_cgroup *memcg,
int priority); int priority);
#ifdef CONFIG_64BIT
/* VM is sealed, in vm_flags */
#define VM_SEALED _BITUL(63)
#endif
#ifdef CONFIG_64BIT #ifdef CONFIG_64BIT
static inline int can_do_mseal(unsigned long flags) static inline int can_do_mseal(unsigned long flags)
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment